<script>
function Del_Info(str){
	var q=confirm('Bạn có chắc chắn muốn xóa hay không?');	
	if(q==true) 
		window.location=str;
	
}
</script>
<?php
$sql="SELECT substr( QUYEN,10, 1 ) as mq
FROM qldl_tai_khoan
WHERE ten_dang_nhap = '".$_SESSION['username']."'";
	$query = @mysql_query($sql,$conn);
	$row = @mysql_fetch_array($query);
	if($row['mq']==1){
	 @header('Location: index.php?page=id_edit_bn&amp;id_edit_bn="'.$_GET['id_edit_bn'].'"'); 
	}
	else {
	echo  "<script>alert ('Bạn không có quyền truy cập trang này!')</script>"; 
	echo "<meta http-equiv='refresh' content='0;url= index.php'>";
	}
?>
<div class="cpanel-right-tttk">
  <div id="panel-sliders" class="pane-sliders">
    <div class="panel">
      <table width="100%" border="0" cellspacing="0" cellpadding="0" style=" padding:10px;">
        <thead>
        <tr style=" padding-bottom:10px;">
        <th colspan="3" align="left" style="padding-bottom:10px;">QUẢN LÍ BANNER</th>
        </tr> 
        <?php $sql2="select * from qldl_banner where MA_BANNER='".$_GET['id_edit_bn']."' ";
		$query2 = @mysql_query($sql2,$conn);
		if(!$query2) echo "Query error to display.";
	else $row2 = @mysql_fetch_array($query2);
	?>
         <?php  
if(isset($_POST['btn_edit_bn'])){ 
	$mbn=$_GET['id_edit_bn'];
	$td = $_POST['txt_td_img'];
	////////
	if ($_FILES["file_up"]["error"] > 0)
    {
    echo "Return Code: " . $_FILES["file_up"]["error"] . "<br />";
    }
  else
    { $link = $_FILES["file_up"]["name"];
    if (file_exists("banner/upload/news/" . $_FILES["file_up"]["name"]))
      {
      echo $_FILES["file_up"]["name"] . " da ton tai file tren server. ";
      }
    else
      {  
      move_uploaded_file($_FILES["file_up"]["tmp_name"],
      "banner/upload/news/" . $_FILES["file_up"]["name"]);	

      }
	}
	/////
	
	/////
	$sql1 = "update qldl_banner set				
				TIEU_DE='$td',
				HINH_ANH='$link'
			where MA_BANNER='$mbn'
			";
	$query1 = @mysql_query($sql1,$conn);
		
	/////////////////////////////
	if($query1)echo "<script>alert ('Cập nhật thông tin thành công.')</script>";	
	else echo "<script>alert ('Lỗi cập nhật thông tin!')</script>";
	echo  "<meta http-equiv='refresh' content='0;url=index.php?page=banner'>";	
}
?>		
        </thead>   
        <tr valign="top" style="padding:5px;">
          <td width="42%"><div style=" padding:0px; border-top: medium none; border-bottom: medium none; overflow: hidden; height: auto; width:100%" align="left">
            <table width="100%" border="1" bordercolor="#666666" class="adminlist_tt">
              <thead>
                <tr>
                  <th colspan="2"> Thêm hình ảnh mới</th>
                </tr>
                
              </thead>
              <tbody>
                <form action="" method="post" name="form_edit" id="form_edit" onsubmit="return input_edit();">
                <?php  
	$sql="select * from qldl_banner where MA_BANNER='".$_GET['id_edit_bn']."'";
	$query = @mysql_query($sql,$conn);	
	if(!$query) echo "Query error to display.";
	else $row = @mysql_fetch_array($query);
		
  ?>    
                
                <tr>
                  <td width="86">Mã hình ảnh</td>
                  <td><label for="textfield"></label>
                    <input type="text" name="txt_ma_img" id="txt_ma_img" width="180px" value="<?php echo $row['MA_BANNER']; ?>" readonly="readonly"/></td>
                  </tr>
                
                <tr>
                  <td>Tiêu đề</td>
                  <td><input name="txt_td_img" type="text" id="txt_td_img" value="<?php echo $row['TIEU_DE']; ?>" width="180px"/></td>
                  </tr>
                <tr>
                  <td>File ảnh</td>
                  <td><label for="txt_hinh_anh"></label>
                  		<input type="file" name="file_up" /></td>
                  </tr>
                <tr>
                  <td colspan="2"><input name="btn_edit_bn" type="submit" id="btn_edit_bn" value="Lưu"  />
                    <input type="reset" name="btn_huy_gt" id="btn_huy_gt" value="Hủy" />
                   

 
                    </td>
                </tr>
                </form>
              </tbody>
            </table>
   
          </div>
          </td>
          <td width="12%" align="center">&nbsp;</td>
          <td width="46%"><div style=" padding:0px; border-top: medium none; border-bottom: medium none; overflow: hidden; height: auto; width:100%" align="left">
            <table width="100%" border="1" bordercolor="#666666" class="adminlist_tt">
              <thead>
                <tr>
                  <th colspan="5"> Danh sách hình ảnh mới
                  </th>
                  <?php
			   include('banner/del.php');?>
                </tr>
              </thead>
              
              <tbody>
              <form action="" method="get" name="form_view" id="form_view">
                <tr>
                  <td width="33">Stt</td>
                  <td width="117">Tiêu đề</td>
                  <td width="149">Hình ảnh</td>
                  <td width="131">Cập nhật</td>
                </tr>
                
                <?php  
	$stt=0;
	$sql="select * from qldl_banner";
	$query = @mysql_query($sql,$conn);	
	if(!$query) echo "Query error to display.";
	else while($rows = @mysql_fetch_array($query)){
		$stt++;
		?>
                <?php /*?><?php
include('config.php');
$str = "SELECT * FROM banner";
$result = mysql_query($str);
while($rows = mysql_fetch_array($result)){
?><?php */?>
                <tr valign="top" align="center">
                  <td><?php echo $rows['MA_BANNER']; ?></td>
                  <td><?php echo $rows['TIEU_DE']; ?></td>
                  <td><img src="banner/upload/news/<?php echo $rows['HINH_ANH'];?>" width="120" height="80" /></td>
                  <td valign="middle" align="center">
                  <a href="index.php?page=id_edit_bn&amp;id_edit_bn=<?php echo $row['MA_BANNER'];?>">Sửa</a>||
                  <a onclick="Del_Info('index.php?page=banner&amp;id_del_bn=<?php echo $rows['MA_BANNER']; ?>&id_photo_bn=<?php echo $rows['HINH_ANH'];?>');" href="#">Xóa</a>
                  </td>
                </tr>
               <?php }
			   ?> 
               </form>
              </tbody>
            </table>
          </div></td>
        </tr>
      </table>
    </div>
  </div>
</div>